Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Packet Storm
Packet Stormadded 2022/11/10 12:0 a.m.252 views

Backdoor.Win32.Aphexdoor.LiteSock MVID-2022-0653 Buffer Overflow

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/2047ac6183da4dfb61d2562721ba0720.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Aphexdoor.LiteSock Vulnerability: Remote Stack Buffer Overflow SEH...

0.5AI score
Exploits0
Tenable Nessus
Tenable Nessusadded 2022/03/02 12:0 a.m.46 views

SUSE SLES12 Security Update : cyrus-sasl (SUSE-SU-2022:0653-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:0653-1 advisory. - In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement...

8.8CVSS7.7AI score0.00431EPSS
Exploits0References4
OpenVAS
OpenVASadded 2022/03/02 12:0 a.m.7 views

SUSE: Security Advisory (SUSE-SU-2022:0653-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9AI score0.00431EPSS
Exploits0References4
Circl
Circladded 2022/02/24 10:15 p.m.2 views

CVE-2022-0653

creationtimestamp| type| source ---|---|--- 2022-02-24 22:15:00+00:00| seen| https://t.me/cibsecurity/38049...

6.1CVSS6AI score0.0565EPSS
Exploits3References1
Vulnrichment
Vulnrichmentadded 2022/02/24 6:27 p.m.10 views

CVE-2022-0653 Profile Builder – User Profile & User Registration Forms <= 3.6.1 Reflected Cross-Site Scripting

The Profile Builder – User Profile & User Registration Forms WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the siteurl parameter found in the /assets/misc/fallback-page.php file which allows attackers to inject arbitrary web scripts onto a...

6.1CVSS5.9AI score0.0565EPSS
Exploits3References2
Wordfence Blog
Wordfence Blogadded 2022/02/17 1:53 p.m.31 views

Reflected Cross-Site Scripting Vulnerability Patched in WordPress Profile Builder Plugin

On January 4, 2022 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in “Profile Builder – User Profile & User Registration Forms”, a WordPress plugin that is installed on over 50,000 WordPress websites. This vulnerability makes ...

4.3CVSS6.6AI score0.0565EPSS
Exploits3
0day.today
0day.todayadded 2022/02/17 12:0 a.m.389 views

WordPress Cozmoslabs Profile Builder 3.6.1 Cross Site Scripting Vulnerability

The Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in “Profile Builder – User Profile & User Registration Forms”, a WordPress plugin that is installed on over 50,000 WordPress websites. This vulnerability makes it possible for an...

6.1CVSS0.0565EPSS
Exploits3
Rows per page
Query Builder